193bf6008Sagc#! /bin/sh 293bf6008Sagc 300f7aadeSagc# function to mark a test as good or bad 400f7aadeSagcmarktest() { 500f7aadeSagc local lnum=$1 600f7aadeSagc local lgood=$2 700f7aadeSagc if [ $lgood -eq $lnum ]; then 800f7aadeSagc passed=$(expr $passed + 1) 900f7aadeSagc echo "$lnum yes" >> passed 1000f7aadeSagc else 1100f7aadeSagc echo "$lnum no" >> passed 1200f7aadeSagc fi 1300f7aadeSagc} 1400f7aadeSagc 15ad7bc21dSagcwhile [ $# -gt 0 ]; do 16ad7bc21dSagc case "$1" in 17ad7bc21dSagc -v) 18ad7bc21dSagc set -x 19ad7bc21dSagc ;; 20ad7bc21dSagc *) 21ad7bc21dSagc break 22ad7bc21dSagc ;; 23ad7bc21dSagc esac 24ad7bc21dSagc shift 25ad7bc21dSagcdone 26ad7bc21dSagc 27*da39824bSagcenv USETOOLS=no MAKEOBJDIRPREFIX=/usr/build/amd64 sh -c 'cd ../libmj && \ 28b142b74bSagc make cleandir ; \ 29b142b74bSagc su root -c "make includes"; \ 30b142b74bSagc make ; \ 31b142b74bSagc su root -c "make install"' 32*da39824bSagcenv USETOOLS=no MAKEOBJDIRPREFIX=/usr/build/amd64 sh -c 'cd ../lib && \ 33bcfd8565Sagc make cleandir ; \ 34ad7bc21dSagc su root -c "make includes"; \ 35bcfd8565Sagc make ; \ 36bcfd8565Sagc su root -c "make install"' 37*da39824bSagcenv USETOOLS=no MAKEOBJDIRPREFIX=/usr/build/amd64 sh -c 'cd ../netpgp && \ 38da8de2a7Sagc make cleandir ; \ 39da8de2a7Sagc make ; \ 40da8de2a7Sagc su root -c "make install"' 41*da39824bSagcenv USETOOLS=no MAKEOBJDIRPREFIX=/usr/build/amd64 sh -c 'cd ../netpgpkeys && \ 42bcfd8565Sagc make cleandir ; \ 43bcfd8565Sagc make ; \ 44bcfd8565Sagc su root -c "make install"' 456715e11aSagc 466715e11aSagcpassed=0 474b284f77Sagctotal=36 483c1d4d36Sagcrm -f passed 493c1d4d36Sagcdate > passed 5093bf6008Sagcecho "======> sign/verify 180938 file" 5193bf6008Sagccp configure a 52bcfd8565Sagc/usr/bin/netpgp --sign a 5300f7aadeSagc/usr/bin/netpgp --verify a.gpg && good=1 5400f7aadeSagcmarktest 1 $good 5593bf6008Sagcecho "======> attempt to verify an unsigned file" 5600f7aadeSagc/usr/bin/netpgp --verify a || good=2 5700f7aadeSagcmarktest 2 $good 5893bf6008Sagcecho "======> encrypt/decrypt 10809 file" 59d69b68cbSagccp src/netpgp/netpgp.1 b 60bcfd8565Sagc/usr/bin/netpgp --encrypt b 61bcfd8565Sagc/usr/bin/netpgp --decrypt b.gpg 6200f7aadeSagcdiff src/netpgp/netpgp.1 b && good=3 6300f7aadeSagcmarktest 3 $good 6493bf6008Sagcecho "======> encrypt/decrypt 180938 file" 6593bf6008Sagccp configure c 66bcfd8565Sagc/usr/bin/netpgp --encrypt c 67bcfd8565Sagc/usr/bin/netpgp --decrypt c.gpg 6800f7aadeSagcdiff configure c && good=4 6900f7aadeSagcmarktest 4 $good 7093bf6008Sagcecho "======> encrypt/decrypt bigass file" 7193bf6008Sagccat configure configure configure configure configure configure > d 7293bf6008Sagcls -l d 7393bf6008Sagccp d e 74bcfd8565Sagc/usr/bin/netpgp --encrypt d 75bcfd8565Sagc/usr/bin/netpgp --decrypt d.gpg 7600f7aadeSagcdiff e d && good=5 7700f7aadeSagcmarktest 5 $good 78f4badd9bSagcecho "======> sign/verify detached signature file" 79f4badd9bSagccat configure configure configure configure configure configure > f 80f4badd9bSagc/usr/bin/netpgp --sign --detached f 81f4badd9bSagcls -l f f.sig 8200f7aadeSagc/usr/bin/netpgp --verify f.sig && good=6 8300f7aadeSagcmarktest 6 $good 84648b5a99Sagcecho "======> cat signature - verified cat command" 85648b5a99Sagc/usr/bin/netpgp --cat a.gpg > a2 8600f7aadeSagcdiff a a2 && good=7 8700f7aadeSagcmarktest 7 $good 88648b5a99Sagcecho "======> another cat signature - verified cat command" 89648b5a99Sagc/usr/bin/netpgp --cat --output=a3 a.gpg 9000f7aadeSagcdiff a a3 && good=8 9100f7aadeSagcmarktest 8 $good 92da8de2a7Sagcecho "======> netpgp list-packets test" 9300f7aadeSagc/usr/bin/netpgp --list-packets || good=9 9400f7aadeSagcmarktest 9 $good 9593bf6008Sagcecho "======> version information" 9600f7aadeSagc/usr/bin/netpgp --version && good=10 9700f7aadeSagcmarktest 10 $good 98da8de2a7Sagcecho "======> netpgpverify file" 99*da39824bSagc/usr/bin/netpgp -v < a.gpg && good=11 10000f7aadeSagcmarktest 11 $good 101da8de2a7Sagcecho "======> attempt to verify an unsigned file" 102*da39824bSagc/usr/bin/netpgp -v < a || good=12 10300f7aadeSagcmarktest 12 $good 104da8de2a7Sagcecho "======> sign/verify detached signature file" 105da8de2a7Sagcls -l f f.sig 106*da39824bSagc/usr/bin/netpgp -v f.sig && good=13 10700f7aadeSagcmarktest 13 $good 108da8de2a7Sagcecho "======> another verify signature - verified cat command" 109*da39824bSagc/usr/bin/netpgp -v --output=a3 < a.gpg 11000f7aadeSagcdiff a a3 && good=14 11100f7aadeSagcmarktest 14 $good 112380fd10dSagcecho "======> list keys" 11300f7aadeSagc/usr/bin/netpgpkeys --list-keys && good=15 11400f7aadeSagcmarktest 15 $good 115da8de2a7Sagcecho "======> version information" 116*da39824bSagc/usr/bin/netpgp -v --version && good=16 11700f7aadeSagcmarktest 16 $good 118ad7bc21dSagcecho "======> find specific key information" 11900f7aadeSagc/usr/bin/netpgpkeys --get-key c0596823 agc@netbsd.org && good=17 12000f7aadeSagcmarktest 17 $good 121632dc3acSagcecho "======> ascii armoured signature" 122632dc3acSagccp Makefile.am g 12300f7aadeSagc/usr/bin/netpgp --sign --armor g && good=18 12400f7aadeSagcmarktest 18 $good 125632dc3acSagcecho "======> ascii armoured sig detection and verification" 12600f7aadeSagc/usr/bin/netpgp --verify g.asc && good=19 12700f7aadeSagcmarktest 19 $good 128632dc3acSagcecho "======> ascii armoured signature of large file" 129632dc3acSagccp Makefile.in g 13000f7aadeSagc/usr/bin/netpgp --sign --armor g && good=20 13100f7aadeSagcmarktest 20 $good 132632dc3acSagcecho "======> ascii armoured sig detection and verification of large file" 13300f7aadeSagc/usr/bin/netpgp --verify g.asc && good=21 13400f7aadeSagcmarktest 21 $good 135b15ec256Sagcecho "======> verify memory by recognising ascii armour" 136b15ec256Sagc/usr/bin/netpgp --cat < g.asc > g2 13700f7aadeSagcdiff g g2 && good=22 13800f7aadeSagcmarktest 22 $good 13991c29c74Sagcecho "======> list ssh host RSA public key" 14000f7aadeSagc/usr/bin/netpgpkeys --ssh --sshkeyfile=/etc/ssh/ssh_host_rsa_key.pub --list-keys && good=23 14100f7aadeSagcmarktest 23 $good 14291c29c74Sagcecho "======> sign/verify file with ssh host keys" 14391c29c74Sagccp configure a 144275353f2Sagcsudo /usr/bin/netpgp --ssh --sshkeyfile=/etc/ssh/ssh_host_rsa_key.pub --sign a 14591c29c74Sagcsudo chmod 644 a.gpg 14600f7aadeSagc/usr/bin/netpgp --verify --ssh --sshkeyfile=/etc/ssh/ssh_host_rsa_key.pub a.gpg && good=24 14700f7aadeSagcmarktest 24 $good 148bb371892Sagcecho "======> pipeline and memory encrypt/decrypt" 149bb371892Sagc/usr/bin/netpgp --encrypt < a | /usr/bin/netpgp --decrypt > a4 15000f7aadeSagcdiff a a4 && good=25 15100f7aadeSagcmarktest 25 $good 152bb371892Sagcecho "======> pipeline and memory sign/verify" 153bb371892Sagc/usr/bin/netpgp --sign < a | /usr/bin/netpgp --cat > a5 15400f7aadeSagcdiff a a5 && good=26 15500f7aadeSagcmarktest 26 $good 156600b302bSagcecho "======> verify within a duration" 157600b302bSagccp Makefile.am h 158600b302bSagc/usr/bin/netpgp --sign --duration 6m --detached h 15900f7aadeSagc/usr/bin/netpgp --verify h.sig && good=27 16000f7aadeSagcmarktest 27 $good 161600b302bSagcecho "======> invalid signature - expired" 162600b302bSagcrm -f h.sig 163600b302bSagc/usr/bin/netpgp --sign --duration 2 --detached h 164600b302bSagcsleep 3 16500f7aadeSagc/usr/bin/netpgp --verify h.sig || good=28 16600f7aadeSagcmarktest 28 $good 1675aae2c74Sagcecho "======> list signatures and subkey signatures" 16800f7aadeSagc/usr/bin/netpgpkeys --list-sigs && good=29 16900f7aadeSagcmarktest 29 $good 1708c81a236Sagcecho "======> generate a new RSA key" 17100f7aadeSagc/usr/bin/netpgpkeys --generate-key && good=30 17200f7aadeSagcmarktest 30 $good 1733c1d4d36Sagcecho "======> ascii detached armoured signature" 1743c1d4d36Sagccp Makefile.am i 17500f7aadeSagc/usr/bin/netpgp --sign --armor --detached i && good=31 17600f7aadeSagcmarktest 31 $good 1773c1d4d36Sagcecho "======> ascii detached armoured sig detection and verification" 17800f7aadeSagc/usr/bin/netpgp --verify i.asc && good=32 17900f7aadeSagcmarktest 32 $good 1805d9dc9f8Sagcecho "======> host ssh fingerprint and netpgp fingerprint" 1812473820bSagcnetpgpkey=$(/usr/bin/netpgpkeys --ssh --sshkeyfile=/etc/ssh/ssh_host_rsa_key.pub --list-keys --hash=md5 | awk 'NR == 3 { print $3 $4 $5 $6 $7 $8 $9 $10 }') 1825d9dc9f8Sagcsshkey=$(/usr/bin/ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key.pub | awk '{ gsub(":", "", $2); print $2 }') 1835d9dc9f8Sagcecho "host sshkey \"$sshkey\" = netpgpkey \"$netpgpkey\"" 18400f7aadeSagc[ $sshkey = $netpgpkey ] && good=33 18500f7aadeSagcmarktest 33 $good 1865d9dc9f8Sagcecho "======> user ssh fingerprint and netpgp fingerprint" 1872473820bSagcnetpgpkey=$(/usr/bin/netpgpkeys --ssh --list-keys --hash=md5 | awk 'NR == 3 { print $3 $4 $5 $6 $7 $8 $9 $10 }') 1885d9dc9f8Sagcsshkey=$(/usr/bin/ssh-keygen -l -f /home/agc/.ssh/id_rsa.pub | awk '{ gsub(":", "", $2); print $2 }') 1895d9dc9f8Sagcecho "user sshkey \"$sshkey\" = netpgpkey \"$netpgpkey\"" 19000f7aadeSagc[ $sshkey = $netpgpkey ] && good=34 19100f7aadeSagcmarktest 34 $good 19244647216Sagcecho "======> single key listing" 19300f7aadeSagc/usr/bin/netpgpkeys -l agc && good=35 19400f7aadeSagcmarktest 35 $good 1954b284f77Sagcecho "======> pipeline and memory encrypt/decrypt with specified cipher" 1964b284f77Sagc/usr/bin/netpgp -e --cipher camellia128 < a | /usr/bin/netpgp -d > a6 19700f7aadeSagcdiff a a6 && good=36 19800f7aadeSagcmarktest 36 $good 1994b284f77Sagcrm -f a a.gpg b b.gpg c c.gpg d d.gpg e f f.sig g g.asc g2 a2 a3 a4 a5 a6 h h.sig i i.asc 2006715e11aSagcecho "Passed ${passed}/${total} tests" 201